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Examiner's Amendment 
The Examiner contacted Anna Vishev, Attorney of record, on September 5, 2006. Ms. Vishev 
agreed to the following amendments that are highlighted in bold letters and underlined. 
Please enter these changes that are in bold letters and underlined. 
The application has been amended as follows: 

Claim 23. A security system for a computer network, the network having a plurality of 
devices connected thereto, the security system comprising: 

(a) a security subsystem connected to at least some of the devices in the network, the 
security subsystem configured to monitor activities of the at least some devices on the network 
and detect attacks on the at least some devices; 

(b) a master system which monitors the integrity of the security subsystem and registers 
information pertaining to attacks detected by the security subsystem; and 

(c) a first secure link connected between the security subsystem and the master system, 
the master system monitoring the integrity of the security subsystem and receiving the 
information pertaining to the attacks through the first secure link, wherein the master system 
further monitors whether the security subsystem responds to the master system, the master 
system taking action if no response is detected. 

Claim 33. A security system for a computer network, the network having a plurality of devices 
connected thereto, at least some of the devices having security-related functions, the security 
system comprising: 

(a) a security subsystem associated with at least some of the devices in the network which tests 
the integrity of the security-related functions; 
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(b) a master system which monitors the integrity of the security subsystem and receives and 
stores results of the integrity testing of the devices having security-related functions; and 

(c) a secure link connected between the security subsystem and the master system, the master 
system monitoring the integrity of the security subsystem and receiving the results of the 
integrity testing of the devices having security-related functions through the first secure link, 
wherein one of the master system and the security subsystem further monitors whether a 
device having security-related functions responds to said one of the master system and the 
security subsystem, and wherein one of the security subsystem and the master system takes 
action when no response is detected. 

Claim 42. A security system for a computer network, the network having a plurality of devices 
connected thereto, the security system comprising: 

(a) a security subsystem connected to at least some of the devices in the network, the security 
subsystem configured to monitor activities of the at least some devices on the network, and 
detect attacks on the at least some devices; 

(b) a master system which monitors the integrity of the security subsystem and registers 
information pertaining to attacks detected by the security subsystem; and 

(c) a first secure link connected between the security subsystem and the master system, the 
master system monitoring the integrity of the security subsystem and receiving the information 
pertaining to the attacks through the first secure link, wherein one of the master system and 
the security subsystem further monitors whether the device responds to one of the master 
system and the security subsystem, and wherein one of the security subsystem and the 
master system takes action when no response is detected. 
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Reasons For Allowance 

1 . Status of Claims: Claims 31,36-38 were objected to in the previous office action dated, 
12/19/05. The Applicant has amended independent claims 23, 33, and 42 to include the 
limitation of claim 31which was an objected to claim in previous office action 12/19/05. Claims 
23, 25-30, 32-33, 35, 37-42 are allowable for the reasons listed below: 

2. The claimed invention states that.a major shortcoming of security systems is that they 
reside on the same network. Thus, when an intruder has gained access to the network, the whole 
network is attacked and is vulnerable. The same network on which a security system resides is 
also vulnerable. Non-patent literature Emigh, teaches a company that has 24/7 monitoring, 
intervention, testing, and trend analysis from IBM's Network Security Operations Center in. 
Colorado. Netranger sensors are located at places on a corporate network such as the Internet 
and intranet connections, together with the intrusion monitor to be used by IBM at the NSOC. 
The sensor will look into the data stream, analyzing it for signatures indicative of misuse. If 
misuse is found, an alarm will be sent in real-time to Colorado. The claim limitation of "wherein 
the master system further monitors whether the security subsystem responds to the master 
system, the master system taking action if no response is detected", is not taught in Emigh. The 
master system of Emigh is the NSOC, the NSOC provides 24/7 monitoring, and the security 
subsystem is the network sensor located on the network, if a misuse if found an alarm is sent. 
There is no suggestion or teaching of if the security subsystem does not response the master 
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system taking action. Further, Emigh teaches that IBM's NSOC gives written reports to 
customers of the status of the network, thus there is no teaching of master system taking action. 

3. The non-patent literature of Messmer teaches, a company called Counterpane Internet 
Security that has a managed intrusion detection service. Counterpane's service monitors the 
customer's internal servers and network traffic. A probe is put on the customer's network to 
accept audit data from a wide range of devices. The counterpane's black box sensor captures 
syslog and audit outputs from servers, firewalls, and intrusion detection software. The 
counterpane box regularly transmits the network activity output in encrypted from the 
Counterpane's data centers. Counterpane advises corporations on how to combat threats but do 
not make changes to the corporation's equipment. The claim limitation of "wherein the master 
system further monitors whether the security subsystem responds to the master system, the 
master system taking action if no response is detected", is not taught in Messmer. The black box 
regularly transmits information to the master system(i.e. data center). There is no suggestion or 
disclosure of "wherein the master system further monitors whether the security subsystem 
responds to the master system, the master system taking action if no response is detected". 
Further, Messmer teaches that the Master system does not take action as claimed by the 
Applicant, because Messmer teaches that Counterpane advises corporations on how to combat 
threats but do not make changes to the corporation's equipment. 

4. Any comments considered necessary by applicant must be submitted no later than the 
payment of the issue fee and, to avoid processing delays, should preferably accompany the issue 
fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for 
Allowance." 
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Conclusion 


Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jenise E. Jackson whose telephone number is (571) 272-3791. 
The examiner can normally be reached on M-Th (6:00 a.m. - 3:30 p.m.) alternate Friday's. ■ 

If attempts to reach the examiner by telephone are unsuccessful,, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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